Joe Perches <joe@xxxxxxxxxxx> writes:
> It seems that the regex for address validation
> isn't very good and perhaps there could/should
> be a stronger validation done for each address
> entered.
The existing ones are actually already harmful. It would trigger on a
valid addresses like this, wouldn't it?
To: "Hamano, Jun" <gitster@xxxxxxxxx>
It is worse than that.
The "# Verify the user input" block is in a wrong place in the codepath.
After @to goes through this bogus "verification" step, it then is given to
expand_aliases(), which may expand to real addresses. And then they pass
through sanitize_address() before getting used.
Three implications that come from this wrong code structure are:
(1) The stricter checks you added on top of the existing bogus
verification step may prevent @to to reach expand_aliases() step,
even if the tokens in @to may expand to correct addresses by this
expand_aliases() step if they were allowed to reach here;
(2) The result from expand_aliases() is never checked.
(3) The result from sanitize_address() is not checked either.
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html